<?php
  class DeGISLoginService{

    public function autenticateUser($uname, $pass){
      if( strlen(trim($uname)) > 0 && strlen(trim($pass)) > 0){
      //Check user in database
      $pntables = pnDBGetTables();
      $userColumn            = $pntables['users_column'];
      $groupPermissionColumn = $pntables['group_perms_column'];
      $groupMemberColumn     = $pntables['group_membership_column'];

      $userArray = array();

      $sql = "
              SELECT
                $pntables[users].$userColumn[uid],
                $pntables[users].$userColumn[uname],
                $pntables[users].$userColumn[pass],
                $pntables[users].$userColumn[email],
                $pntables[users].$userColumn[hash_method],
                $pntables[group_perms].$groupPermissionColumn[level]
              FROM
                $pntables[users],
                $pntables[group_perms],
                $pntables[group_membership]
              WHERE
                  $userColumn[uname] = '" . pnVarPrepForStore($uname) . "'
               AND
                  $pntables[users].$userColumn[uid] = $pntables[group_membership].$groupMemberColumn[uid]
               AND
                  $pntables[group_membership].$groupMemberColumn[gid] = $pntables[group_perms].$groupPermissionColumn[gid]
               ";

        $column = array('uid', 'uname', 'pass', 'email', 'hash_method', 'level');

        $result = DBUtil::executeSQL($sql);
        $userArray = DBUtil::marshallObjects ($result, $column);

        //Check encryption type
        $hashArray = array('md5'=> 1, 'sha1'=> 5, 'sha256' => 8);
        $hash = array_search($userArray[0]['hash_method'], $hashArray); 
        $encryptPass = DataUtil::hash(strtolower($pass), $hash);

        //Check pass word
        if(isset($userArray) && !empty($userArray) && $userArray[0]['pass'] == $encryptPass){

        //Query user layer
        $layerColumn            = $pntables['degis_layer_column'];
        $sql = "
                SELECT
                  $pntables[degis_layer].$layerColumn[id],
                  $pntables[degis_layer].$layerColumn[name],
                  $pntables[degis_layer].$layerColumn[country],
                  $pntables[degis_layer].$layerColumn[url]
                FROM
                  $pntables[users],
                  $pntables[degis_layer]
                WHERE
                    $pntables[users].$userColumn[uid] = $pntables[degis_layer].$layerColumn[uid]
                AND
                    $pntables[degis_layer].$layerColumn[uid] = ".$userArray[0]['uid']."
                ORDER BY $pntables[degis_layer].$layerColumn[id] ASC" ;

          $column = array('id', 'name', 'country', 'url');

          $result = DBUtil::executeSQL($sql);
          $layerArray = DBUtil::marshallObjects ($result, $column);

          $response["uid"]   = $userArray[0]['uid'];
          $response["uname"] = $userArray[0]['uname'];
          $response["email"] = $userArray[0]['email'];
          $response["level"] = $userArray[0]['level'];
          $response["url"]   = htmlentities($layerArray[0]['url']."?votename=".$layerArray[0]['name']."&country=".$layerArray[0]['country']."&filter=province");
          $response["layer"] = $layerArray;
          $response["errorCode"] = 0;
          $response["errorString"] = "ok";
          $this->setResponse($response);
        } else{
          $response["errorCode"] = 1;
          $response["errorString"] = "user or password is wrong.";
          $this->setResponse($response);
        }
      } else if( strlen(trim($uname)) > 0 ){
          $response["errorCode"] = 2;
          $response["errorString"] = "Please enter password.";
          $this->setResponse($response);
      } else if( strlen(trim($pass)) > 0 ){
          $response["errorCode"] = 3;
          $response["errorString"] = "Please enter username.";
          $this->setResponse($response);
      } else{
          $response["errorCode"] = 4;
          $response["errorString"] = "Please enter username and password ";
          $this->setResponse($response);
      }
    }

    private function setResponse($response){

      //Gen food
      $xml = new DOMDocument('1.0', 'UTF-8');
      $xml->formatOutput = true;

      $xml_node_response = $xml->createElement("response");
      $xml->appendChild( $xml_node_response );

      if($response["errorCode"] == 0){
        $xml_node_uid = $xml->createElement("uid",$response["uid"]);
        $xml_node_response->appendChild( $xml_node_uid );
        $xml_node_uname = $xml->createElement("uname",$response["uname"]);
        $xml_node_response->appendChild( $xml_node_uname );
        $xml_node_email = $xml->createElement("email",$response["email"]);
        $xml_node_response->appendChild( $xml_node_email );
        $xml_node_level = $xml->createElement("level",$response["level"]);
        $xml_node_response->appendChild( $xml_node_level );

        $xml_node_errorcode = $xml->createElement( "errorcode", $response["errorCode"]);
        $xml_node_response->appendChild( $xml_node_errorcode );
        $xml_node_errorstring = $xml->createElement( "errorstring", $response["errorString"]);
        $xml_node_response->appendChild( $xml_node_errorstring );

        $xml_node_layers = $xml->createElement("layers");
        $xml_node_response->appendChild( $xml_node_layers );
        foreach($response['layer'] as $val){
          $xml_node_layer = $xml->createElement("layer");
          $xml_node_layer->setAttribute("id", $val['id']);
          $xml_node_layers->appendChild( $xml_node_layer);
          $xml_node_type = $xml->createElement("type","layer");
          $xml_node_layer->appendChild( $xml_node_type);
          $xml_node_title = $xml->createElement("title",$val['name']);
          $xml_node_layer->appendChild( $xml_node_title);
          $xml_node_country = $xml->createElement("country",$val['country']);
          $xml_node_layer->appendChild( $xml_node_country);

          //$layer_title_link = urlencode(iconv( "ISO-8859-1","UTF-8", $val['name']));

          $xml_node_xml = $xml->createElement("xml", htmlentities($val['url']."?country=".$val['country']."&filter=province"));
          $xml_node_layer->appendChild( $xml_node_xml);

/*
  $cur_encoding = mb_detect_encoding($val['name']) ; 
  var_dump($cur_encoding);
  exit;


  if($cur_encoding == "UTF-8" && mb_check_encoding($in_str,"UTF-8")) 
    return $in_str; 
  else 
    return utf8_encode($in_str); 
*/
        }

        //var_dump($response['layer']);
      }else{
        $xml_node_errorcode = $xml->createElement( "errorcode", $response["errorCode"]);
        $xml_node_response->appendChild( $xml_node_errorcode );
        $xml_node_errorstring = $xml->createElement( "errorstring", $response["errorString"]);
        $xml_node_response->appendChild( $xml_node_errorstring );
      }

      echo $xml->saveXML();

    }
  }


?>